Protecting against downloads
heiser at tdw201.ed.ray.com
heiser at tdw201.ed.ray.com
Tue Sep 18 01:12:34 AEST 1990
In article <epeterso.653228040 at houligan> epeterson at encore.com writes:
>
>What you might do is write a shell script (or hack the xmodem, kermit,
>or sz code) to check the user and group ID for each file that is being
>attempted to be transferred. If the UID and GID are "root" or "sys"
>or "bin" or some other system ID, then deny access to the file.
>Otherwise, let it go through as normal.
This sounds like an interesting idea. I'll have to give it some thought.
>There is also a command under System V called "chroot". What that
Another interesting idea. Maybe building a "mini file system", and
chrooting to it for remote shell users would give them the stuff they
need, yet protect me.
>| Run an MS-DOS system.
>
>ACK!! What makes MS-DOS so much better than Unix? If I had DOS shell
>access, I could still download the DOS binaries, so the problem would
>still exist, right? How would you solve it with a DOS system?
>
I run an MSDOS system now -- that's EXACTLY what I'm trying to get away
from! No sysop in their right mind would give any dos bbs users shell
access! There is NO security whatsoever under msdos...
--
Work: heiser at tdw201.ed.ray.com
{decuac,necntc,uunet}!rayssd!tdw201!heiser
Home(1): bill%unixland.uucp at world.std.com -or- uunet!world!unixland!bill
Public Access Unix Coming Soon!
Home(2): Bill.Heiser at f240.n322.z1.fidonet.org (BBS: 1-508-655-3848)
Other: heiser at world.std.com (Pub. Access Unix)
More information about the Comp.unix.sysv386
mailing list